Showing 1 of 1 findings
(filtered)
View Documentation Status (90 tracked)
| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-206548 | CAT II | MONT-DB-002 | Database Security Requirements Guide | The role(s)/group(s) used to modify database struc... | - | |||
Check TextIdentify the group(s)/role(s) established for DBMS modification. Obtain the list of users in those group(s)/roles. Identify the individuals authorized to modify the DBMS. If unauthorized access to the group(s)/role(s) has been granted, this is a finding. Fix TextRevoke unauthorized memberships in the DBMS modification group(s)/role(s). CommentsThe DBMS architecture does not allow users, even with the highest privileges, to modify the structure or logic of built-in security objects. The SYS_AUTH_SA_ROLE, SYS_AUTH_SSO_ROLE, SYS_RUN_REPLICATION_ROLE, and SYS_AUTH_DBA_ROLE, are the only roles allowed to make modifications to database structure and logic modules.
Source: Montford Point ShipCLIP DB V4R4.ckl
Scan Date: 2026-03-06T12:50:21.809591
Technology Area: Database Review
|
||||||||